Cybercriminals have become adept at technical and social engineering, and contemporary threat actors are capable of carrying out sophisticated attacks that consistently breach modern network defenses. Oftentimes, these breaches lead to end user systems becoming infected and subsequently used as a stage for further compromise. Strong anti-threat protection technologies on the endpoint are the best chance enterprises have at defeating these incursions, but current products and techniques often cannot stop advanced threats. Endpoint detection and response (EDR) products address this gap and offer end-to-end visibility into threats, allowing security professionals to discover, investigate, and respond to previously unidentified attacks across an enterprise. In response to vendor and enterprise requests, NSS Labs has added EDR to our group test roadmap. In this session, we will define EDR and explain how it differs from other endpoint technologies. We will also review the current NSS Labs EDR Test Methodology and explain how this new group test will benefit organizations considering an EDR purchase.